|  | e94ba149df | Update README file to decrease confusion with the old application name | 2013-09-14 16:28:50 +04:00 |  | 
			
				
					|  | 5afc23c446 | Switch to a properly hashed passwords | 2013-09-14 15:59:38 +04:00 |  | 
			
				
					|  | 003ba6f46b | Make session cookie more secure | 2013-09-14 15:58:57 +04:00 |  | 
			
				
					|  | 13729dac93 | Improve generation of CAPTCHA images | 2013-09-13 22:56:01 +04:00 |  | 
			
				
					|  | 8bb1551f7a | Switch to a more secure method for generation of the thread token | 2013-09-13 20:19:12 +04:00 |  | 
			
				
					|  | d9a8afeb57 | Fix regular expressions for integer IDs | 2013-09-13 20:18:06 +04:00 |  | 
			
				
					|  | d7c18215c5 | Switch to a more secure method for generation of the CSRF token | 2013-09-13 19:53:20 +04:00 |  | 
			
				
					|  | 2334a0ed0a | Switch to a more secure method for generation of the token for request for a password restore | 2013-09-13 19:36:56 +04:00 |  | 
			
				
					|  | e61706955a | Switch to a more reliable function for generation of userid | 2013-09-13 19:36:31 +04:00 |  | 
			
				
					|  | b77e2a9743 | Fix bug with userid type in sql requests | 2013-09-13 19:33:31 +04:00 |  | 
			
				
					|  | 4f43280bd1 | Set PHPSESSID cookie as secure if HTTPS is used | 2013-09-13 16:21:10 +04:00 |  | 
			
				
					|  | e7ae0845d8 | Set PHPSESSID cookie as HTTP-only | 2013-09-13 15:56:06 +04:00 |  | 
			
				
					|  | 0cfb7a74f5 | Fix multiple potential filepath manipulation vulnerabilities | 2013-09-13 15:26:54 +04:00 |  | 
			
				
					|  | 84467fbb8d | Restrict opening of files outside the Mibew installation | 2013-09-13 14:34:59 +04:00 |  | 
			
				
					|  | afa06b21e2 | Bug fix Properly check file handler before making use of it in common.php | 2013-09-13 14:34:32 +04:00 |  | 
			
				
					|  | 6747e2f557 | Improve algorithm of setting and storing locale setting | 2013-09-13 13:36:04 +04:00 |  | 
			
				
					|  | 2559630e8f | Add verification of values of the default and home locales | 2013-09-11 20:18:26 +04:00 |  | 
			
				
					|  | 097ee2b0d9 | Fix files' permissions | 2013-09-11 19:35:17 +04:00 |  | 
			
				
					|  | 50c0b50abf | Sanitize database tables prefix | 2013-09-10 19:10:26 +04:00 |  | 
			
				
					|  | f26af7f05d | Make headers more safe | 2013-09-10 17:41:54 +04:00 |  | 
			
				
					|  | b42f5bdd0d | Sanitize path to application and remove extra slashes from it | 2013-09-10 17:28:22 +04:00 |  | 
			
				
					|  | 92847d1a52 | Fix multiple (potential) SQL Injections | 2013-09-10 16:21:34 +04:00 |  | 
			
				
					|  | 2532f3bc01 | Enable default conversion of single quotes during HTML entities conversion | 2013-09-06 17:08:27 +04:00 |  | 
			
				
					|  | 441e88dfa9 | Remove redundant whitespaces | 2013-09-06 15:35:11 +04:00 |  | 
			
				
					|  | 0f86f558ec | Fix HTML attributes markup | 2013-09-06 15:34:42 +04:00 |  | 
			
				
					|  | 621f5951c4 | Fix paths in login-related forms | 2013-09-06 14:34:44 +04:00 |  | 
			
				
					|  | 4e6eff55e5 | Mark necessary comment field in ban form | 2013-09-06 14:33:11 +04:00 |  | 
			
				
					|  | 03265a1fb0 | Fix multiple CSRF vulnerabilities | 2013-09-06 14:32:25 +04:00 |  | 
			
				
					|  | 9aef0fb2d4 | Fix multiple XSS vulnerabilities (including CVE-2012-0829) | 2013-09-06 14:31:07 +04:00 |  | 
			
				
					| 
							
							
								 Dmitriy Simushev | 3ee7fca025 | Add captcha to pre-chat survey | 2013-08-28 12:33:25 +04:00 |  | 
			
				
					|  | 845d250b88 | Fix steps enumeration in README file | 2013-08-04 13:38:17 +04:00 |  | 
			
				
					|  | efe6caee71 | Mibew Tray 1.1.1 release Update links to an actual mibew domain in Mibew Tray application (thanks to Nemesis0one) | 2013-07-31 16:38:10 +04:00 |  | 
			
				
					|  | dcd5ecebfa | 1.6.5 released | 2013-07-24 17:23:48 +04:00 |  | 
			
				
					|  | 32b9ba862b | Update db and features versions | 2013-07-24 15:50:00 +04:00 |  | 
			
				
					|  | eb65ec9329 | Update translations (da, de, fi, it, pt-br) | 2013-07-24 15:49:22 +04:00 |  | 
			
				
					|  | d6c18a5ef7 | Update javascripts: version changed to 1.6.5 | 2013-07-24 01:47:07 +04:00 |  | 
			
				
					|  | 3ea9c6c893 | Update copyright notice | 2013-07-24 01:20:36 +04:00 |  | 
			
				
					|  | 4cd7bab1be | Improve packaging script | 2013-07-24 00:42:43 +04:00 |  | 
			
				
					|  | 95d95daa34 | Update localization constants | 2013-07-24 00:42:23 +04:00 |  | 
			
				
					| 
							
							
								 Dmitriy Simushev | b5d05f5411 | Update license info in license.php | 2013-07-24 00:08:46 +04:00 |  | 
			
				
					| 
							
							
								 Evgeny Gryaznov | 13ca97f10d | update headers | 2013-03-06 22:56:55 +01:00 |  | 
			
				
					| 
							
							
								 Evgeny Gryaznov | 4f483abe26 | Merge branch 'v1.6.x' | 2013-03-06 22:52:38 +01:00 |  | 
			
				
					| 
							
							
								 Evgeny Gryaznov | 13622c46b3 | update README | 2013-03-06 22:42:25 +01:00 |  | 
			
				
					| 
							
							
								 Evgeny Gryaznov | 7bdd14c790 | remove eclipse files; update version to 1.6.5; fix headers | 2013-03-06 22:32:31 +01:00 |  | 
			
				
					| 
							
							
								 Evgeny Gryaznov | 98aad6e490 | apache 2 license in php headers | 2013-03-06 22:22:53 +01:00 |  | 
			
				
					| 
							
							
								 Evgeny Gryaznov | 3741e57eab | apache 2 license (started); upgrade version to 1.6.5 | 2013-03-05 00:24:26 +01:00 |  | 
			
				
					| 
							
							
								 Evgeny Gryaznov | c50d60730c | fix move_uploaded_file errors | 2013-03-05 00:03:39 +01:00 |  | 
			
				
					| 
							
							
								 Evgeny Gryaznov | dd6632ffdf | format the code; remove comments in the client code; move csrfchecktoken() right after check_login() | 2012-06-27 10:11:40 +02:00 |  | 
			
				
					| 
							
							
								 YuFei Zhu | 2d04bbe4ee | add csrf token to translate view | 2012-05-01 13:21:49 +01:00 |  | 
			
				
					| 
							
							
								 YuFei Zhu | 22916ce8a0 | add csrf token to performance and features views | 2012-05-01 13:20:03 +01:00 |  |